AWS cognito documentation change
Summary
Updated documentation about how Amazon Cognito handles multiple values in IdP attributes, adding clarification about square-bracket characters
Security assessment
The change is a documentation clarification about attribute handling with no indication of security implications or security features being added
Diff
diff --git a/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.md index f16e06a13..daf7d2fb7 100644 --- a/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.md +++ b/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.md @@ -48 +48 @@ In case-insensitive user pools, your Lambda triggers that process the username m - * When IdP attributes contain multiple values, Amazon Cognito flattens all values into a single comma-delimited string and URL form-encodes the values containing non-alphanumeric characters (excluding the ‘`.`’, ‘`-`’, ‘`*`’, and ‘`_`’ characters). You must decode and parse the individual values before you use them in your app. + * When IdP attributes contain multiple values, Amazon Cognito flattens all values into a single comma-delimited string enclosed in the square-bracket characters `[` and `]`. Amazon Cognito URL form-encodes the values containing non-alphanumeric characters except for `.`, `-`, `*`, and `_`. You must decode and parse the individual values before you use them in your app.